Nameserver Zones - Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual

Chapter 17.
Berkeley Internet Name Domain (BIND)
On most modern networks, including the Internet, users locate other computers by name. This frees
users from the daunting task of remembering the numerical network address of network resources.
The most effective way to configure a network to allow such name-based connections is to set up
a Domain Name Service (DNS) or a nameserver, which resolves hostnames on the network to
numerical addresses and vice versa.
This chapter reviews the nameserver included in Red Hat Enterprise Linux and the Berkeley Internet
Name Domain (BIND) DNS server, with an emphasis on the structure of its configuration files and how
it may be administered both locally and remotely.
Note
BIND is also known as the service named in Red Hat Enterprise Linux. You can manage it
via the Services Configuration Tool (system-config-service).
17.1. Introduction to DNS
DNS associates hostnames with their respective IP addresses, so that when users want to connect
to other machines on the network, they can refer to them by name, without having to remember IP
addresses.
Use of DNS and FQDNs also has advantages for system administrators, allowing the flexibility to
change the IP address for a host without affecting name-based queries to the machine. Conversely,
administrators can shuffle which machines handle a name-based query.
DNS is normally implemented using centralized servers that are authoritative for some domains and
refer to other DNS servers for other domains.
When a client host requests information from a nameserver, it usually connects to port 53. The
nameserver then attempts to resolve the FQDN based on its resolver library, which may contain
authoritative information about the host requested or cached data from an earlier query. If the
nameserver does not already have the answer in its resolver library, it queries other nameservers,
called root nameservers, to determine which nameservers are authoritative for the FQDN in question.
Then, with that information, it queries the authoritative nameservers to determine the IP address of the
requested host. If a reverse lookup is performed, the same procedure is used, except that the query is
made with an unknown IP address rather than a name.

17.1.1. Nameserver Zones

On the Internet, the FQDN of a host can be broken down into different sections. These sections
are organized into a hierarchy (much like a tree), with a main trunk, primary branches, secondary
branches, and so forth. Consider the following FQDN:
bob.sales.example.com
When looking at how an FQDN is resolved to find the IP address that relates to a particular system,
read the name from right to left, with each level of the hierarchy divided by periods (.). In this
example, com defines the top level domain for this FQDN. The name example is a sub-domain under
203